Hello, @Maxim Just to be perfectly clear: does that mean that session tickets are supported for any version of nginx (including <v1.5.9), provided OpenSSL 0.9.8f is available? So the directive would be kind of 'intercepting' TLS commands, a man in the middle of client and OpenSSL?
@Arnaud I guess the docs <http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_timeout> have all your answers. --- *B. R.* On Mon, Apr 11, 2016 at 3:31 PM, Maxim Dounin <mdou...@mdounin.ru> wrote: > Hello! > > On Mon, Apr 11, 2016 at 01:23:02PM +0200, B.R. wrote: > > [...] > > > On a side-note, by default nginx does not store session parameters as it > > prefers tickets > > < > http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_tickets > >, > > supported since v1.5.9, over sessions ID. > > Session tickets supported as long as OpenSSL version used supports > them, that is, with OpenSSL 0.9.8f or later. > > In nginx 1.5.9 the "ssl_session_tickets" directive was added, > which makes it possible to disable session tickets when needed. > > -- > Maxim Dounin > http://nginx.org/ > > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx >
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
